-
-
Notifications
You must be signed in to change notification settings - Fork 11
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add support for CEL policy conditions #316
Commits on Sep 26, 2023
-
Initial commit of CEL policy work
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for f98e600 - Browse repository at this point
Copy the full SHA f98e600View commit details -
Add a few custom CEL functions
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for e0d35d0 - Browse repository at this point
Copy the full SHA e0d35d0View commit details -
Make policies work with legacy way of reporting violations
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 9d735c5 - Browse repository at this point
Copy the full SHA 9d735c5View commit details -
Implement
is_dependency_of
CEL functionSigned-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 6703e62 - Browse repository at this point
Copy the full SHA 6703e62View commit details -
Support vuln aliases in CEL policies
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for fe0a3ed - Browse repository at this point
Copy the full SHA fe0a3edView commit details -
Configuration menu - View commit details
-
Copy full SHA for fee1f46 - Browse repository at this point
Copy the full SHA fee1f46View commit details -
Return CEL errors in API response
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for b95d72a - Browse repository at this point
Copy the full SHA b95d72aView commit details -
Fix some vulnerability fields not being fetched for policies
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 2f6c2e3 - Browse repository at this point
Copy the full SHA 2f6c2e3View commit details -
Configuration menu - View commit details
-
Copy full SHA for 07c42fa - Browse repository at this point
Copy the full SHA 07c42faView commit details -
Use AST visitor to determine which fields are accessed for any given …
…type Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 8634563 - Browse repository at this point
Copy the full SHA 8634563View commit details -
Configuration menu - View commit details
-
Copy full SHA for 086f70a - Browse repository at this point
Copy the full SHA 086f70aView commit details -
Configuration menu - View commit details
-
Copy full SHA for e956ca4 - Browse repository at this point
Copy the full SHA e956ca4View commit details -
WIP: Loading of required fields; Project policy evaluation
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for d2c4841 - Browse repository at this point
Copy the full SHA d2c4841View commit details -
Improve violation reconciliation for projects
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 26c1a4b - Browse repository at this point
Copy the full SHA 26c1a4bView commit details -
Add test with bloated BOM to debug performance bottlenecks
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 5f56384 - Browse repository at this point
Copy the full SHA 5f56384View commit details -
Disable DataNucleus L1 cache for policy reconciliation
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 2016e0e - Browse repository at this point
Copy the full SHA 2016e0eView commit details -
Configuration menu - View commit details
-
Copy full SHA for 40e9218 - Browse repository at this point
Copy the full SHA 40e9218View commit details -
Handle implicit policy script requirements for custom functions
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 1994988 - Browse repository at this point
Copy the full SHA 1994988View commit details -
Minor readability and code documentation improvements
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 3ec5f3b - Browse repository at this point
Copy the full SHA 3ec5f3bView commit details -
Fetch data for policy violation notifications in a single query
DataNucleus on its own loads too much data, and does so using too many queries. Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 489d1c5 - Browse repository at this point
Copy the full SHA 489d1c5View commit details -
Perform violation reconciliation using direct JDBC access
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 68d54a9 - Browse repository at this point
Copy the full SHA 68d54a9View commit details -
Include strings library in CEL policy environment
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for eb8c458 - Browse repository at this point
Copy the full SHA eb8c458View commit details -
Cleanup; Support project properties, tags, and vulnerability aliases
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 3d1a436 - Browse repository at this point
Copy the full SHA 3d1a436View commit details -
Add test to verify that all fields can be loaded
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for e1f3419 - Browse repository at this point
Copy the full SHA e1f3419View commit details -
Add remaining fields to
testWithAllFields
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 499e97d - Browse repository at this point
Copy the full SHA 499e97dView commit details -
Add test for vuln severity evaluation
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 047d5a5 - Browse repository at this point
Copy the full SHA 047d5a5View commit details -
Remove un-implemented
depends_on
function; Add proper logging for c……ustom functions Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for e824c5c - Browse repository at this point
Copy the full SHA e824c5cView commit details -
Handle invalid scripts and script runtime failures
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 7978c1e - Browse repository at this point
Copy the full SHA 7978c1eView commit details -
Add
escapeQuotes
for CEL script buildersUsing `escapeJson` doesn't work quite right when special characters / regular expressions are provided. All we need is prevention of "breaking out" of strings, so escaping double quotes alone is sufficient. Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 2f37004 - Browse repository at this point
Copy the full SHA 2f37004View commit details -
Add tests for some legacy conditions
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for ff9d52f - Browse repository at this point
Copy the full SHA ff9d52fView commit details -
More tests for
CelPolicyEngine
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 706922c - Browse repository at this point
Copy the full SHA 706922cView commit details -
Add more tests; Implement script cache bypass for REST API interactions
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 0452d00 - Browse repository at this point
Copy the full SHA 0452d00View commit details -
Add tests for hash policy (#326)
* added tests for hash policy Signed-off-by: mehab <[email protected]> * updated tests Signed-off-by: mehab <[email protected]> --------- Signed-off-by: mehab <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for b1c4b0a - Browse repository at this point
Copy the full SHA b1c4b0aView commit details -
Add version cel policy script builder (#324)
* Add version cel policy script builder Signed-off-by: vithikashukla <[email protected]> * add version support for coordinates cel policy Signed-off-by: vithikashukla <[email protected]> * Added unit test for version policy script builder Signed-off-by: vithikashukla <[email protected]> * added coordninates condition test Signed-off-by: vithikashukla <[email protected]> * added coordinates condition test Signed-off-by: vithikashukla <[email protected]> --------- Signed-off-by: vithikashukla <[email protected]> Co-authored-by: vithikashukla <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 9487edb - Browse repository at this point
Copy the full SHA 9487edbView commit details -
Fix new UNIQUE constraint breaking existing behavior
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for f012cfa - Browse repository at this point
Copy the full SHA f012cfaView commit details -
Add feature flag for CEL policy engine
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 4310a80 - Browse repository at this point
Copy the full SHA 4310a80View commit details -
Add
UpgradeItem
to update type of"POLICYCONDITION"."VALUE"
to `T……EXT` Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for ae9f067 - Browse repository at this point
Copy the full SHA ae9f067View commit details -
Handle policy evaluation for individual components
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 5a5dcf7 - Browse repository at this point
Copy the full SHA 5a5dcf7View commit details -
added unit tests for cwe cel policy
Signed-off-by: mehab <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 88ad93e - Browse repository at this point
Copy the full SHA 88ad93eView commit details -
Add license condition test (#332)
* Add version cel policy script builder Signed-off-by: vithikashukla <[email protected]> * add version support for coordinates cel policy Signed-off-by: vithikashukla <[email protected]> * Added unit test for version policy script builder Signed-off-by: vithikashukla <[email protected]> * added coordninates condition test Signed-off-by: vithikashukla <[email protected]> * added coordinates condition test Signed-off-by: vithikashukla <[email protected]> * added more conditions to test Signed-off-by: vithikashukla <[email protected]> * Added license condition test Signed-off-by: vithikashukla <[email protected]> * Update src/main/java/org/dependencytrack/policy/cel/CelPolicyEngine.java Co-authored-by: Niklas <[email protected]> Signed-off-by: VithikaS <[email protected]> * Added license group condition test Signed-off-by: vithikashukla <[email protected]> * updated comment Signed-off-by: vithikashukla <[email protected]> --------- Signed-off-by: vithikashukla <[email protected]> Signed-off-by: VithikaS <[email protected]> Co-authored-by: vithikashukla <[email protected]> Co-authored-by: Niklas <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for d6eb71b - Browse repository at this point
Copy the full SHA d6eb71bView commit details -
Fix projection mapping for
Double
/BigDecimal
fieldsSigned-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 0f4c0a8 - Browse repository at this point
Copy the full SHA 0f4c0a8View commit details -
Signed-off-by: vithikashukla <[email protected]>
vithikashukla committedSep 26, 2023 Configuration menu - View commit details
-
Copy full SHA for 8f36c64 - Browse repository at this point
Copy the full SHA 8f36c64View commit details -
Merge pull request #333 from DependencyTrack/edge-cases-for-coordiate…
…-policy support wildcard
Configuration menu - View commit details
-
Copy full SHA for 0c47b4f - Browse repository at this point
Copy the full SHA 0c47b4fView commit details -
Configuration menu - View commit details
-
Copy full SHA for 94eb8fc - Browse repository at this point
Copy the full SHA 94eb8fcView commit details -
Change Proto package from
hyades
todependencytrack
As this feature will be backported, we need to make sure policies will be compatible once folks start upgrading to Hyades. Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 1d78e4b - Browse repository at this point
Copy the full SHA 1d78e4bView commit details
Commits on Sep 27, 2023
-
Fix failing tests due to Proto package change
Signed-off-by: nscuro <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 2b035e4 - Browse repository at this point
Copy the full SHA 2b035e4View commit details -
Un-ignore
cyclonedx.proto
from breaking changes checkSigned-off-by: Niklas <[email protected]>
Configuration menu - View commit details
-
Copy full SHA for 39664d5 - Browse repository at this point
Copy the full SHA 39664d5View commit details